Skip to content

Commit

Permalink
feat: advertise basic auth support for wms, wmts & tms. (skip build) …
Browse files Browse the repository at this point in the history 
…(skip doc)
  • Loading branch information
@robinbourianes-kalisio
robinbourianes-kalisio committed Oct 19, 2021
1 parent 8adb4ac commit cea0187
Showing 1 changed file with 66 additions and 6 deletions.
72 changes: 66 additions & 6 deletions configs/express-gateway/gateway.config.yml.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,11 @@ apiEndpoints:
scopes: ["wms"]
wmts:
host: '*'
paths: '/wmts/*'
paths: '/wmts*'
scopes: ["wmts"]
tms:
host: '*'
paths: '/tms/*'
paths: '/tms*'
scopes: ["tms"]
wfs:
host: '*'
Expand All @@ -28,7 +28,7 @@ apiEndpoints:
wcs:
host: '*'
paths: '/wcs*'
scopes: ["wcs"]
scopes: ["wcs"]
k2:
host: '*'
paths: '/k2/*'
Expand All @@ -48,11 +48,11 @@ apiEndpoints:
# we have to catch them and redirect them as our 'regular' wms, wmts .. api endpoints
mapcache_wmts:
host: '*'
paths: '/ows/wmts/*'
paths: '/ows/wmts*'
scopes: ["wmts"]
mapcache_tms:
host: '*'
paths: '/ows/tms/*'
paths: '/ows/tms*'
scopes: ["tms"]
mapcache_wms:
host: '*'
Expand Down Expand Up @@ -116,6 +116,9 @@ pipelines:
policies:
- metrics:
- cors:
- basic-auth:
- action:
passThrough: true
- jwt:
- condition:
name: anonymous
Expand All @@ -134,6 +137,23 @@ pipelines:
secretOrPublicKey: ${EXPRESS_GATEWAY_KEY_SECRET}
checkCredentialExistence: true
audience: ${SUBDOMAIN}
passThrough: true
# if we get there and still anonymous, add a WWW-Authenticate: Basic header
# to advertise basic auth support
- response-transformer:
- condition:
name: anonymous
action:
headers:
add:
WWW-Authenticate: "'Basic'"
# and terminate connection using code 401
- terminate:
- condition:
name: anonymous
action:
statusCode: 401
message: "Unauthorized"
- scopes:
- proxy:
- action:
Expand All @@ -148,6 +168,9 @@ pipelines:
policies:
- metrics:
- cors:
- basic-auth:
- action:
passThrough: true
- jwt:
- condition:
name: anonymous
Expand All @@ -166,6 +189,23 @@ pipelines:
secretOrPublicKey: ${EXPRESS_GATEWAY_KEY_SECRET}
checkCredentialExistence: true
audience: ${SUBDOMAIN}
passThrough: true
# if we get there and still anonymous, add a WWW-Authenticate: Basic header
# to advertise basic auth support
- response-transformer:
- condition:
name: anonymous
action:
headers:
add:
WWW-Authenticate: "'Basic'"
# and terminate connection using code 401
- terminate:
- condition:
name: anonymous
action:
statusCode: 401
message: "Unauthorized"
- scopes:
- proxy:
- action:
Expand All @@ -180,6 +220,9 @@ pipelines:
policies:
- metrics:
- cors:
- basic-auth:
- action:
passThrough: true
- jwt:
- condition:
name: anonymous
Expand All @@ -198,6 +241,23 @@ pipelines:
secretOrPublicKey: ${EXPRESS_GATEWAY_KEY_SECRET}
checkCredentialExistence: true
audience: ${SUBDOMAIN}
passThrough: true
# if we get there and still anonymous, add a WWW-Authenticate: Basic header
# to advertise basic auth support
- response-transformer:
- condition:
name: anonymous
action:
headers:
add:
WWW-Authenticate: "'Basic'"
# and terminate connection using code 401
- terminate:
- condition:
name: anonymous
action:
statusCode: 401
message: "Unauthorized"
- scopes:
- proxy:
- action:
Expand Down Expand Up @@ -348,4 +408,4 @@ pipelines:
serviceEndpoint: capture
changeOrigin: true
stripPath: false
timeout: 120000
timeout: 120000

0 comments on commit cea0187

Please sign in to comment.